Jump to content

Disabling uac and avira, fake windows defender


netdis

Recommended Posts

Hello!

I got some serious infections. Virus is disabling UAC and keeping Avira in Enchanced Protection Mode (fake Windows Defender). When I ran Malwarebytes'

Antimalware system was restarted (Antimalware closed) and it started Emergency System then restarted to normal mode. Antimwalware gave info about infected svchost and some file called MyWebSearch and a lot more.

Attaching DDS logs.

Sorry for double post but I read you would like to have logs included in post. Also I ran Malwarebytes' AntiMalware in Safe Mode and it (probably) deleted 140 infections.

DDS

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.6000.17037 BrowserJavaVersion: 1.6.0_07

Run by Daria at 11:10:06 on 2011-11-11

Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1250.48.1045.18.2038.771 [GMT 1:00]

.

.

============== Running Processes ===============

.

C:\Windows\SYSTEM32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\SYSTEM32\taskeng.exe

C:\Windows\SYSTEM32\taskeng.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE

C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\AMT Media Manager\AMTDeviceService.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

"C:\Windows\update.tray-15-0\svchost.exe"

"C:\Windows\update.tray-8-0\svchost.exe"

C:\Users\Daria\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\Daria\AppData\Local\Facebook\Update\FacebookUpdate.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\update.1\svchost.exe srv

C:\Windows\System32\alg.exe

"C:\Windows\update.tray-8-0-lnk\svchost.exe" tray 8-0 1

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Users\Daria\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Daria\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\rundll32.exe

C:\Users\Daria\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page =

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2405280

uSearch Bar =

uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL

uURLSearchHooks: H - No File

uURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll

mURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll

BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL

BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll

BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll

BHO: UrlHelper Class: {474597c5-ab09-49d6-a4d5-2e8d7341384e} - c:\program files\imesh applications\mediabar\datamngr\IEBHO.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: UrlHelper Class: {74322bf9-df26-493f-b0da-6d2fc5e6429e} - c:\program files\bearshare applications\bearshare mediabar\BearShareIEHelper.dll

BHO: MediaBar: {abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f} - c:\program files\imesh applications\mediabar\toolbar\iMeshMediaBarDx.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: IEPluginBHO Class: {f5cc7f02-6f4e-4462-b5b1-394a57fd3e0d} - c:\programdata\gadu-gadu 10\_userdata\ggbho.2.dll

TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL

TB: BearShare MediaBar: {d3dee18f-db64-4beb-9ff1-e1f0a5033e4a} - c:\program files\bearshare applications\bearshare mediabar\BearShareMediaBar.dll

TB: My Global Search Bar: {37b85a29-692b-4205-9cad-2626e4993404} - c:\program files\myglobalsearch\bar\1.bin\MGSBAR.DLL

TB: MediaBar: {abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f} - c:\program files\imesh applications\mediabar\toolbar\iMeshMediaBarDx.dll

TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll

TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll

uRun: [Google Update] "c:\users\daria\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe

uRun: [ALLUpdate] "c:\program files\allplayer\ALLUpdate.exe" "sleep"

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [ares] "c:\program files\ares\Ares.exe" -h

uRun: [MaxUp Video Downloader] c:\program files\maxup video downloader\maxup.exe

uRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe

uRun: [software Informer] "f:\flashcontents\software informer\softinfo.exe" -autorun

uRun: [fsm]

uRun: [Facebook Update] "c:\users\daria\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [recinfo220] c:\recinfo\RecInfo.exe

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [recinfo] RecInfo.exe

mRun: [MyWebSearch Plugin] rundll32 c:\progra~1\mywebs~1\bar\2.bin\M3PLUGIN.DLL,UPF

mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe

mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\2.bin\m3SrchMn.exe" /m=2 /w

mRun: [DataMngr] c:\program files\imesh applications\mediabar\datamngr\DataMngrUI.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [PATHPILOT] c:\program files\hanso recorder\Hanso Recorder.lnk

mRun: [EPSON Stylus DX4800 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiade.exe /f "c:\windows\temp\E_SEDD9.tmp" /EF "HKLM"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [AMTDeviceService] "c:\program files\amt media manager\AMTDeviceService.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [wxpdrv] c:\windows\services32.exe

mRun: [tray_ico]

mRun: [tray_ico0] c:\windows\update.tray-15-0\svchost.exe

mRun: [tray_ico1] c:\windows\update.tray-8-0\svchost.exe

mRun: [tray_ico2]

mRun: [tray_ico3]

mRun: [tray_ico4]

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

dRunOnce: [sSS2006] "c:\program files\steganos security suite 2006\SSS2006.exe" -firstboot

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableSecureUIAPaths = 0 (0x0)

IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNman000

IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {40525A66-DB98-480D-BCF9-7AF88C1AF438} - {40525A66-DB98-480D-BCF9-7AF88C1AF438} - c:\program files\arcabit\webextensions\ie\ArcaIEExt.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 85.14.85.2 85.14.85.14

TCP: Interfaces\{06BE258E-23BC-435F-913F-C37579E2EDAC} : DhcpNameServer = 85.14.85.2 85.14.85.14

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: igfxcui - igfxdev.dll

AppInit_DLLs: c:\progra~1\imesha~1\mediabar\datamngr\datamngr.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

============= SERVICES / DRIVERS ===============

.

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2011-11-9 36000]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-11-9 74640]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-11 366152]

R2 wxpdrivers;wxpdrivers;c:\windows\update.1\svchost.exe srv --> c:\windows\update.1\svchost.exe srv [?]

R3 ABndisMP;ABndisMP;c:\windows\system32\drivers\abndis.sys [2010-4-29 34384]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-11 22216]

R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-11-11 41272]

S2 AntiVirSchedulerService;Avira Scheduler;"c:\program files\avira\antivir desktop\sched.exe" --> c:\program files\avira\antivir desktop\sched.exe [?]

S2 AntiVirService;Avira Realtime Protection;"c:\program files\avira\antivir desktop\avguard.exe" --> c:\program files\avira\antivir desktop\avguard.exe [?]

S2 gupdate;Usługa Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-6 136176]

S2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\2.bin\mwssvc.exe --> c:\progra~1\mywebs~1\bar\2.bin\mwssvc.exe [?]

S2 Zwunzi Service;Zwunzi Service;"c:\programdata\zwunzi\zwunzi139.exe" "c:\program files\zwunzi\zwunzi.dll" service --> c:\programdata\zwunzi\zwunzi139.exe [?]

S3 ABndis;ABndis Service;c:\windows\system32\drivers\abndis.sys [2010-4-29 34384]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-6-24 36640]

S3 gupdatem;Usługa Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-8-6 136176]

S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [2007-11-2 83496]

S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [2007-11-2 15016]

S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [2007-11-2 109992]

S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s916mgmt.sys [2009-3-28 103976]

S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:\windows\system32\drivers\s916obex.sys [2009-3-28 100008]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-11 47128]

S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-11 369688]

.

=============== File Associations ===============

.

vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*

vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*

jsefile\shell\open2\command=%SystemRoot%\System32\CScript.exe "%1" %*

.

=============== Created Last 30 ================

.

2011-11-11 10:14:12 80416 ----a-w- c:\windows\system32\RtNicProp32.dll

2011-11-11 10:14:12 100896 ----a-w- c:\windows\system32\RTNUninst32.dll

2011-11-11 10:14:11 363112 ----a-w- c:\windows\system32\drivers\Rtlh86.sys

2011-11-11 10:06:25 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-11-11 10:06:18 -------- d-----w- c:\users\daria\appdata\roaming\Malwarebytes

2011-11-11 10:06:02 -------- d-----w- c:\programdata\Malwarebytes

2011-11-11 10:05:59 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-11 10:05:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-11-11 09:58:35 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{b618b52e-63dd-4832-b03c-c90c65149951}\offreg.dll

2011-11-11 09:44:04 -------- d--h--w- c:\windows\update.tray-8-0-lnk

2011-11-11 09:44:04 -------- d--h--w- c:\windows\update.tray-8-0

2011-11-09 09:33:57 -------- d-----w- c:\users\daria\appdata\roaming\Avira

2011-11-09 09:32:10 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-11-09 09:32:10 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2011-10-31 15:03:33 -------- d-----w- c:\program files\SkanerOnline

2011-10-28 14:33:48 -------- d-----w- c:\windows\av_ico

2011-10-28 14:32:29 -------- d--h--w- c:\windows\update.1

2011-10-28 14:32:27 -------- d--h--w- c:\windows\update.tray-15-0-lnk

2011-10-28 14:32:27 -------- d--h--w- c:\windows\update.tray-15-0

2011-10-28 14:21:12 1201152 ----a-w- c:\windows\services32.exe

2011-10-28 14:16:35 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{b618b52e-63dd-4832-b03c-c90c65149951}\mpengine.dll

2011-10-18 09:38:13 -------- d-----w- c:\users\daria\appdata\local\Facebook

.

==================== Find3M ====================

.

.

============= FINISH: 11:11:41,00 ===============

======

Attach



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume2
Install Date: 2008-08-25 03:41:54
System Uptime: 2011-11-11 10:58:12 (1 hours ago)
.
Motherboard: FUJITSU SIEMENS | | F51
Processor: Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz | U2E1 | 1600/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 143 GiB total, 18,03 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Karta Microsoft ISATAP
Device ID: ROOT\*ISATAP\0012
Manufacturer: Microsoft
Name: Karta Microsoft ISATAP #6
PNP Device ID: ROOT\*ISATAP\0012
Service: tunnel
.
Class GUID:
Description:
Device ID: ROOT\*TOTREC7\0000
Manufacturer:
Name:
PNP Device ID: ROOT\*TOTREC7\0000
Service:
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office Suite Service Pack 2 (SP2)
Activation Assistant for the 2007 Microsoft Office suites
Adobe Acrobat 4.0
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.6 - Polish
Adobe Shockwave Player 11.5
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665)
AMT Media Manager
Aproksymacja - MNK v1.5.7.2
Archiwizator WinRAR
AVIcodec (remove only)
Avira Free Antivirus
Conduit Engine
Direct Show Ogg Vorbis Filter (remove only)
DVDShow For PowerPoint 1.5
EPSON Printer Software
EPSON Scan
Europa Casino
Facebook Video Calling 1.0.0.8714
foobar2000 v0.9.5.6
Gadu-Gadu 10
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB945282)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB946040)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB946308)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB947540)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB947789)
Intel(R) Graphics Media Accelerator Driver
ipla 2.2.1
Java Auto Updater
Java(TM) 6 Update 26
Java(TM) 6 Update 7
K-Lite Codec Pack 6.2.0 (Basic)
Malwarebytes' Anti-Malware wersja 1.51.2.1300
MediaBar
MediaBar 2.0
MediaInfo 0.7.42
Microsoft .NET Framework 3.5 Language Pack SP1 - plk
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Office Access MUI (Polish) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Polish) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Polish) 2007
Microsoft Office InfoPath MUI (Polish) 2007
Microsoft Office OneNote MUI (Polish) 2007
Microsoft Office Outlook MUI (Polish) 2007
Microsoft Office PowerPoint MUI (Polish) 2007
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Polish) 2007
Microsoft Office Proofing (Polish) 2007
Microsoft Office Publisher MUI (Polish) 2007
Microsoft Office Shared MUI (Polish) 2007
Microsoft Office Word MUI (Polish) 2007
Microsoft Silverlight
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Management Objects
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files (English)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft SQL Server VSS Writer
Microsoft Visual C# 2008 Express Edition with SP1 - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Global Search Bar
My Web Search
Nero 7 Essentials
Nowe Gadu-Gadu
OpenOffice.org Installer 1.0
Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Panda Antivirus Pro 2009
PC Connectivity Solution
PhotoScape
Real Alternative 2.0.1
save2pc Light 3.53
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype™ 5.1
Softonic-Eng7 Toolbar
Software Informer 1.0 BETA
Sql Server Customer Experience Improvement Program
SQL Server System CLR Types
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Outlook 2007 Junk Email Filter (KB2586924)
Vuze
Winamp
Winamp Detector Plug-in
Winamp Toolbar for Firefox
.
==== End Of File ===========================

Regards, netdis.

DDS.txt

Attach.txt

Link to post
Share on other sites

post-32477-1261866970.gif

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.